Header Ads

Encrypt ConnectionString in application Config

This topic gives you information about how to encrypt the connection string in IIS/Application Config to increase the security and keep the connection with the database secure. There is so many other sensitive information that can be encrypted but in this topic, we'll particularly talk about encrypting the connectionstringin app config or web config file.Encrypting sensitive sections of the Config is important because they are sensitive. about production Config file. It may contain all information that requires running your web server applications. There are often passwords for SQL database connections, SMTP server, API Keys, or other critical information.

In our example, we will encrypt Connection String in config file.

Before Encrypting Config

look at the below Config file, it can be easily readable. This not look like to be secure if anyone has access to your Config file.

How to encrypting Config

Open Command Prompt with Administrator privileges

At the Command Prompt, enter:

In our example web Config is located in "D:\APP\Config" directory path, then enter the following to encrypt the string, the parameter "connectionStrings" is case sensitive.

After Encrypting Config

After encrypting Connection String section, it will not be in a readable format.